<?php
 ob_start();
 include 'class_lib.php';
 $connect = new  Connection();


$username = $HTTP_POST_VARS["username"];
$password = $HTTP_POST_VARS["password"];


$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);



$query = "Select * from user where username='$username' and password='$password'";
$result = $connect->requestdata($query);

$number = mysql_num_rows($result);
$index = 0;
if ($number==1) {
	$userID = mysql_result($result,$index,"userid");
	$name = mysql_result($result, $index,"name");
	$profileUrl = mysql_result($result, $index,"imageurl");
	session_start();
	
	$_SESSION["userid"]=$userID;
	$_SESSION["name"] = $name;
	$_SESSION["imageurl"]=$profileUrl;
	header("location:homepage.php");
} 
else{
	echo "<div class='thongbaoloi'>Username or password is not correct !</div>";
}

?>